Share this Job

Information Security Analyst, Intermediate

Date: May 14, 2019

Location: Toronto, ON, CA

Company: Scotiabank



Requisition ID: 59705


Join the Global Community of Scotiabankers to help customers become better off.

Purpose of Job


Security Assurance Services (SAS) support the achievement of the Bank’s information security objectives by ensuring that various IT teams adhere to the security governance processes and procedures. SAS conducts reviews of operational practices; identify gaps, and works with those teams to achieve resolution of any control deficiencies.


In support of the Information Security & Control (IS&C) global mandate as it pertains to the Scotiabank, subsidiaries, affiliates and strategic alliance partners as well as  to ensure the protection and integrity of Bank information and assets, the incumbent will:


Conduct detailed, risk based evaluations/monitoring of Information Technology (IT) controls utilizing the Bank’s information security standards and regulatory requirements

Provide knowledgeable opinion on the above-mentioned entities’ compliance with information security standards, regulatory requirements and 3rd party agreements


Key Job Accountabilities


  • Document/update operational procedures and process flows, compliance reviews and SAS signoff database to support management assertions of internal controls and support internal/external audits.
  • Deliver documentation to capture, respond, and mitigate events. Research security events correlating various data sources.
  • Review various alerts and risk ratings for Critical Information and Security Sensitive or High-Risk Events.
  • Provide feedback to Critical Information Owner via periodic reports based on Owner's rule parameters.
  • Facilitate healthy partnerships with internal and external stakeholders.
  • Investigate, escalate and track control deficiencies, security review action items and security breaches through to remediation and closure.
  • Provide input for management reporting.  Examples include: executive summaries, condition status reporting, statistics and action item tracking. 
  • Consistently perform internal steady state processes according to procedures within specified timelines to ensure ongoing compliance.
  • 10. Continually improve Security Assurance processes by recommending systems, tools and process enhancements.  Responsible for the maintenance and creation of internal procedures.
  • 11. Perform secondary compliance reviews or provide training to colleagues as and when required. 
  • Provide IT Security Control SME opinions to any IT&S service/process or projects.


Minimum Requirements:


  • Strong presentation and communication skills
  • Candidates with experience in technical support will be considered
  • Experience with Incident Analysis (strong analytical skills).
  • Emphasis on evaluating the significance of information sources (i.e. MS windows events)


Preferred Requirements:


  • University degree or College degree specialising in networks or securities preferred
  • Industry certifications like CCNA etc. field is preferred
  • Expertise in IT key controls and risk assessment concepts
  • Experience with audit practices and methodologies.
  • Thorough knowledge of the Bank’s application and infrastructure environment
  • Sound knowledge of regulatory requirements
  • Exposure with user behavior analytics (UBA), Big data platforms.


Location(s):  Canada : Ontario : Toronto

As Canada’s International Bank, we are a leader when it comes to inclusion. We are a diverse and global team, speaking more than 100 languages with backgrounds from more than 120 countries. We value the unique skills and experiences each individual brings to the bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. Candidates selected for an interview will be contacted directly.  If you require accommodation during the recruitment and selection process, please let us know. We will work with you to provide as seamless a recruitment experience as possible.

Job Segment: Bank, Banking, Information Security, Developer, Finance, Technology, Security